Solved

Mac and Windows domain

Posted on 2016-08-09
6
82 Views
Last Modified: 2016-10-27
We are setting up a new network with both PC and Mac.  My question is can all modern Macs join a Windows domain and share the resources on that domain?  Also, can I create a user in AD and then have that be the same user authenticating on the Mac?
0
Comment
Question by:al4629740
6 Comments
 
LVL 5

Expert Comment

by:Manuel Flores
Comment Utility
According to this, it would be possible, however a didn't test to tell how good is;
https://www.pluralsight.com/blog/tutorials/join-mac-to-windows-domain

I used in the past a third-party software called ExtremZ-IP now belongs to Acronis.  It worked perfectly for several years.  I had a Dell poweredge Windows 2003 domain server, and a mixture of PC and Macs with its own problems about filename length and others which ExtremZ-IP solved perfectly;
http://www.acronis.com/en-us/mobility/mac-windows-compatibility/

..MFlores.
0
 
LVL 13

Expert Comment

by:Joseph Hornsey
Comment Utility
Actually, I believe you can.  I don't know how well it works, but I've run across it.

I'm not a Mac guy, so I'm no expert - and I know Microsoft won't support it - but I had to look at it a couple of years ago.

Here's the article I referenced.
0
 

Author Comment

by:al4629740
Comment Utility
Would there be a problem if the windows server is virtual and the Mac has to connect to it?
0
Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

 
LVL 5

Expert Comment

by:Manuel Flores
Comment Utility
Not more than being a physical machine in my opinion.
0
 
LVL 28

Accepted Solution

by:
jhyiesla earned 250 total points
Comment Utility
Yes, you can definitely join a Mac to a Windows domain. I am on a Mac right now that is connected to AD. I joined the Mac to the domain  https://support.apple.com/kb/PH18884?locale=en_US

I log in with my AD credentials and I am both administering my Mac as well as I have whatever permission my user guy has to AD on the network. I would suggest not setting up the user first on the Mac.  Log into the Mac as the local admin and join the domain and then log in as the domain user.  You can go back and give whatever rights you want to the user on the Mac or accept the defaults. Having local Mac user and a domain user with the same name may not work, just as it doesn't on Windows unless you specify the name\username format.  I find it easier to just create a local Mac admin and let him do all the local work and then if you want the user to administer the Mac, adjust his settings appropriately.

Also, it doesn't make any difference whether the windows servers are real or virtual.
0
 
LVL 27

Assisted Solution

by:serialband
serialband earned 250 total points
Comment Utility
Short answer is Yes.

Macs can join an AD and use AD for Single Sign On authentication.  You just don't have Group Policy, unless you purchase 3rd party programs to translate the policies.

You can create shares and add users permissions from domain accounts.  The domain user can also get admin permissions to the Mac, if you wish to grant admin permissons.

If you have a laptop that roams, you just need to enable the Domain account as a mobile account, or you won't be able to log in when you are no longer connected to the Domain network.  It's always best to create a local admin account to also manage the Mac in case of specific domain failures that might lock out your account, but you don't really need it.  It's similar to Windows systems on the domain.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now